A methodology for finding source-level vulnerabilities of the Linux kernel variables

Jaekwang Kim; Jee Hyong Lee

doi:10.1109/IJCNN.2008.4634331

A methodology for finding source-level vulnerabilities of the Linux kernel variables

Sungkyunkwan University

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

1 Scopus citations

Abstract

Linux kernel provides several advantages to system developers and is widely used as an operating system in a variety of systems, including embedded systems, access routers and servers. These advantages are due to the fact that the Linux kernel Is publicly available, however, this feature of openness can have negative impacts on system security. If an attacker wished to exploit Linux-based systems, the attacker could easily do so by finding and abusing the vulnerabilities of the systems' Linux kernel sources. There are several methods available that can And source-level vulnerabilities, but they are not always suitable for the Linux kernel. In this paper, we propose a two-step Onion mechanism as a methodology to find source-level vulnerabilities of the Linux kernel variables. The first step of the Onion mechanism is to select variables that may be vulnerable by exploiting their usage patterns. The second step is to inspect the vulnerabilities of the selected variables by making and analyzing system call trees. We also evaluate our proposed methodology by applying it to two well-known source-level vulnerabilities.

Original language	English
Title of host publication	2008 International Joint Conference on Neural Networks, IJCNN 2008
Pages	3717-3722
Number of pages	6
DOIs	https://doi.org/10.1109/IJCNN.2008.4634331
State	Published - 2008
Externally published	Yes
Event	2008 International Joint Conference on Neural Networks, IJCNN 2008 - Hong Kong, China Duration: 1 Jun 2008 → 8 Jun 2008

Publication series

Name	Proceedings of the International Joint Conference on Neural Networks

Conference

Conference	2008 International Joint Conference on Neural Networks, IJCNN 2008
Country/Territory	China
City	Hong Kong
Period	1/06/08 → 8/06/08

Access to Document

10.1109/IJCNN.2008.4634331

Cite this

@inproceedings{0801a8ee2724427ba41e17a93d4f8f25,

title = "A methodology for finding source-level vulnerabilities of the Linux kernel variables",

abstract = "Linux kernel provides several advantages to system developers and is widely used as an operating system in a variety of systems, including embedded systems, access routers and servers. These advantages are due to the fact that the Linux kernel Is publicly available, however, this feature of openness can have negative impacts on system security. If an attacker wished to exploit Linux-based systems, the attacker could easily do so by finding and abusing the vulnerabilities of the systems' Linux kernel sources. There are several methods available that can And source-level vulnerabilities, but they are not always suitable for the Linux kernel. In this paper, we propose a two-step Onion mechanism as a methodology to find source-level vulnerabilities of the Linux kernel variables. The first step of the Onion mechanism is to select variables that may be vulnerable by exploiting their usage patterns. The second step is to inspect the vulnerabilities of the selected variables by making and analyzing system call trees. We also evaluate our proposed methodology by applying it to two well-known source-level vulnerabilities.",

author = "Jaekwang Kim and Lee, \{Jee Hyong\}",

year = "2008",

doi = "10.1109/IJCNN.2008.4634331",

language = "English",

isbn = "9781424418213",

series = "Proceedings of the International Joint Conference on Neural Networks",

pages = "3717--3722",

booktitle = "2008 International Joint Conference on Neural Networks, IJCNN 2008",

note = "2008 International Joint Conference on Neural Networks, IJCNN 2008 ; Conference date: 01-06-2008 Through 08-06-2008",

}

Kim, J & Lee, JH 2008, A methodology for finding source-level vulnerabilities of the Linux kernel variables. in 2008 International Joint Conference on Neural Networks, IJCNN 2008., 4634331, Proceedings of the International Joint Conference on Neural Networks, pp. 3717-3722, 2008 International Joint Conference on Neural Networks, IJCNN 2008, Hong Kong, China, 1/06/08. https://doi.org/10.1109/IJCNN.2008.4634331

A methodology for finding source-level vulnerabilities of the Linux kernel variables. / Kim, Jaekwang ; Lee, Jee Hyong.
2008 International Joint Conference on Neural Networks, IJCNN 2008. 2008. p. 3717-3722 4634331 (Proceedings of the International Joint Conference on Neural Networks).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - A methodology for finding source-level vulnerabilities of the Linux kernel variables

AU - Kim, Jaekwang

AU - Lee, Jee Hyong

PY - 2008

Y1 - 2008

N2 - Linux kernel provides several advantages to system developers and is widely used as an operating system in a variety of systems, including embedded systems, access routers and servers. These advantages are due to the fact that the Linux kernel Is publicly available, however, this feature of openness can have negative impacts on system security. If an attacker wished to exploit Linux-based systems, the attacker could easily do so by finding and abusing the vulnerabilities of the systems' Linux kernel sources. There are several methods available that can And source-level vulnerabilities, but they are not always suitable for the Linux kernel. In this paper, we propose a two-step Onion mechanism as a methodology to find source-level vulnerabilities of the Linux kernel variables. The first step of the Onion mechanism is to select variables that may be vulnerable by exploiting their usage patterns. The second step is to inspect the vulnerabilities of the selected variables by making and analyzing system call trees. We also evaluate our proposed methodology by applying it to two well-known source-level vulnerabilities.

AB - Linux kernel provides several advantages to system developers and is widely used as an operating system in a variety of systems, including embedded systems, access routers and servers. These advantages are due to the fact that the Linux kernel Is publicly available, however, this feature of openness can have negative impacts on system security. If an attacker wished to exploit Linux-based systems, the attacker could easily do so by finding and abusing the vulnerabilities of the systems' Linux kernel sources. There are several methods available that can And source-level vulnerabilities, but they are not always suitable for the Linux kernel. In this paper, we propose a two-step Onion mechanism as a methodology to find source-level vulnerabilities of the Linux kernel variables. The first step of the Onion mechanism is to select variables that may be vulnerable by exploiting their usage patterns. The second step is to inspect the vulnerabilities of the selected variables by making and analyzing system call trees. We also evaluate our proposed methodology by applying it to two well-known source-level vulnerabilities.

UR - https://www.scopus.com/pages/publications/56349153631

U2 - 10.1109/IJCNN.2008.4634331

DO - 10.1109/IJCNN.2008.4634331

M3 - Conference contribution

AN - SCOPUS:56349153631

SN - 9781424418213

T3 - Proceedings of the International Joint Conference on Neural Networks

SP - 3717

EP - 3722

BT - 2008 International Joint Conference on Neural Networks, IJCNN 2008

T2 - 2008 International Joint Conference on Neural Networks, IJCNN 2008

Y2 - 1 June 2008 through 8 June 2008

ER -

A methodology for finding source-level vulnerabilities of the Linux kernel variables

Abstract

Publication series

Conference

Access to Document

Other files and links

Fingerprint

Cite this